Created
October 19, 2020 16:58
-
-
Save haproxytechblog/ee351bf1ac8aaabfb1e6063a0fc176b9 to your computer and use it in GitHub Desktop.
HAProxy and HTTP Strict Transport Security (HSTS)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frontend www.mywebsite.com | |
bind :80 | |
bind :443 ssl crt /etc/ssl/certs/mywebsite.com.pem | |
http-request redirect scheme https code 301 unless { ssl_fc } | |
default_backend servers |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
frontend www.mywebsite.com | |
bind :80 | |
bind :443 ssl crt /etc/ssl/certs/mywebsite.com.pem | |
http-request redirect scheme https code 301 unless { ssl_fc } | |
# max-age is mandatory | |
# 16000000 seconds is a bit more than 6 months | |
http-response set-header Strict-Transport-Security "max-age=16000000; includeSubDomains; preload;" | |
default_backend servers |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment